Federated identity management is an arrangement between multiple enterprises that lets users access the digital resources of every member of the group with the same identification credentials. It amounts to having a common set of policies, practices and protocols in place to manage the identity and trust of individuals across organizations.
Federated identity management allows users to use single sign-on, in which a user's single authentication token is trusted across multiple information technology systems and across multiple organizations. Technologies used for federated sign-on include OpenID, OAuth, and SAML.
In many current installations, federated logon is accomplished when a relying party accepts user authentication from an identity provider, as in the case of OpenID. Often the users are authenticated by simply entering a user name and password. The industry is now moving towards the more secure solution of two-factor authentication, based on the premise of something you know (your password) and something you have (a security token).
In these types of security systems, the user's digital identifier plays an important role in the authentication process. For several years, a person's Social Security Number was used as a convenient method of manual identification, since each person had one and only one number, and all of the numbers were unique. Some states adopted the practice of using the federal Social Security Number as the driver's license number. Over time, this practice had to be abandoned, as the widespread use of Social Security Numbers as a means of identity authentication opened the door to identity theft. Care should now be taken to ensure that a unique and different user identifier is used for each subscriber in a federated identity system.
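The checks a relying party makes before accepting an identity provider's authentication can be sketched as follows; this is an added example, not part of the original article, and it covers the trusted-issuer, two-factor and per-subscriber identifier points made above. Assumptions: a shared HMAC key stands in for the identity provider's public-key signature, the issuer URL, audience and key are constructed values, and the claim names (`iss`, `aud`, `exp`, `sub`, `amr`) follow JWT/OpenID Connect conventions.

```python
import base64, hashlib, hmac, json, time

# Constructed values; a shared HMAC key stands in for the IdP's public-key signature.
TRUSTED_IDPS = {"https://idp.partner-a.example": b"constructed-demo-key"}
AUDIENCE = "https://app.partner-b.example"
POSSESSION = ("otp", "hwk")  # "something you have" methods (RFC 8176 amr values)

def _b64(data):
    return base64.urlsafe_b64encode(data).decode().rstrip("=")

def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(claims, key):
    """Identity provider: serialize the claims and append an HMAC-SHA256 tag."""
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    return body + "." + _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())

def accept_token(token, now=None):
    """Relying party: return the local account key, or raise ValueError."""
    now = time.time() if now is None else now
    try:
        body, tag = token.split(".")
        claims, given = json.loads(_unb64(body)), _unb64(tag)
    except ValueError:
        raise ValueError("malformed token") from None
    if not isinstance(claims, dict) or not isinstance(claims.get("iss"), str):
        raise ValueError("malformed token")
    key = TRUSTED_IDPS.get(claims["iss"])
    if key is None:
        raise ValueError("issuer is not a federation member")
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given):  # constant-time comparison
        raise ValueError("bad signature")
    if claims.get("aud") != AUDIENCE:
        raise ValueError("token issued for another relying party")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise ValueError("token expired")
    amr = claims.get("amr")
    if not isinstance(amr, list) or "pwd" not in amr or not any(m in amr for m in POSSESSION):
        raise ValueError("two-factor authentication required")
    sub = claims.get("sub")
    if not isinstance(sub, str) or not sub:
        raise ValueError("missing subject identifier")
    # Key the account on issuer + opaque subject, never on a shared number like an SSN.
    return claims["iss"] + "|" + sub
```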